[multiple] fix TLS config string parsing

Flagged by Coverity.

(This completes a fix from a few commits back that was incomplete.)
Glenn Strauss 2021-01-17 15:49:26 -05:00
parent 9d8d559e1f
commit 915b4ef3fc
2 changed files with 19 additions and 3 deletions


@ -385,11 +385,20 @@ mod_gnutls_session_ticket_key_check (server *srv, const plugin_data *p, const ti
if (NULL == session_ticket_key.data) return;
session_ticket_key.size = TICKET_MASTER_KEY_SIZE;
}
#ifndef __COVERITY__
memcpy(session_ticket_key.data,
stek->tick_key_name, TICKET_MASTER_KEY_SIZE);
#ifndef __COVERITY__
gnutls_memset(stek->tick_key_name, 0, TICKET_MASTER_KEY_SIZE);
#else
char * const data = (char *)session_ticket_key.data;
memcpy(data,
stek->tick_key_name, TLSEXT_KEYNAME_LENGTH);
memcpy(data+TLSEXT_KEYNAME_LENGTH,
stek->tick_hmac_key, TLSEXT_TICK_KEY_LENGTH);
memcpy(data+TLSEXT_KEYNAME_LENGTH+TLSEXT_TICK_KEY_LENGTH,
stek->tick_aes_key,
TICKET_MASTER_KEY_SIZE
- TLSEXT_KEYNAME_LENGTH + TLSEXT_TICK_KEY_LENGTH);
gnutls_memset(stek->tick_key_name, 0, TLSEXT_KEYNAME_LENGTH);
gnutls_memset(stek->tick_hmac_key, 0, TLSEXT_TICK_KEY_LENGTH);
gnutls_memset(stek->tick_aes_key, 0, TLSEXT_TICK_KEY_LENGTH);
@ -3095,6 +3104,7 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (0 == len) continue;
if (len >= sizeof(n)) {
log_error(srv->errh, __FILE__, __LINE__,
"GnuTLS: skipped ciphersuite; too long: %.*s",
@ -3226,7 +3236,7 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
continue;
}
if (*e != ':' && *e != '\0') {
{
log_error(srv->errh, __FILE__, __LINE__,
"GnuTLS: error: missing support for cipher list: %.*s",
(int)len, p);
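Review bot: The third memcpy length in the `#else` branch, `TICKET_MASTER_KEY_SIZE - TLSEXT_KEYNAME_LENGTH + TLSEXT_TICK_KEY_LENGTH`, binds as `(TICKET_MASTER_KEY_SIZE - TLSEXT_KEYNAME_LENGTH) + TLSEXT_TICK_KEY_LENGTH`, yet the write starts at offset `TLSEXT_KEYNAME_LENGTH+TLSEXT_TICK_KEY_LENGTH` into a buffer whose size is set to `TICKET_MASTER_KEY_SIZE` a few lines above, so it exceeds the remaining room by `2*TLSEXT_TICK_KEY_LENGTH` bytes and, if `stek->tick_aes_key` is the `TLSEXT_TICK_KEY_LENGTH` bytes the gnutls_memset below zeroizes, also reads past that field. The intended length is `TICKET_MASTER_KEY_SIZE - (TLSEXT_KEYNAME_LENGTH + TLSEXT_TICK_KEY_LENGTH)`. Only the `__COVERITY__` build compiles this branch, so a normal build is unaffected, but the analyzer this branch exists for will report the overrun instead of the aliasing it was meant to silence. mod_gnutls_session_ticket_key_check starts before the hunk and continues past it.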


@ -3236,6 +3236,7 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (0 == len) continue;
if (len >= sizeof(n)) {
log_error(srv->errh, __FILE__, __LINE__,
"MTLS: skipped ciphersuite; too long: %.*s",
@ -3505,7 +3506,7 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
continue;
}
if (*e != ':' && *e != '\0') {
{
log_error(srv->errh, __FILE__, __LINE__,
"MTLS: error: missing support for cipher list: %.*s",
(int)len, p);
@ -3530,6 +3531,11 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
if (-1 == nids) return 0;
}
if (nids >= idsz) {
log_error(srv->errh, __FILE__, __LINE__,
"MTLS: error: too many ciphersuites during list expand");
return 0;
}
ids[++nids] = 0; /* terminate list */
++nids;